You experience an issue on a Cisco Nexus 7700 Series switch. You must gather detailed information about the system
state and the configuration of the switch. Which command should you run?
A. switch# show logging > bootflash:Log.txt
B. switch# show tech-support > bootflash:Log.txt
C. switch# show running-config > bootflash:Log.txt
D. switch# show system > bootflash:Log.txt
Correct Answer: B

Which two actions are required when configuring LISP virtual machine mobility across subnets? (Choose two.)
A. Filter HSRP hello messages across data centers to create an active-active HSRP setup
B. Enable proxy ARP on the interfaces that allow virtual machine mobility
C. Configure different MAC addresses across all the HSRP groups
D. Ensure that all the HSRP virtual IP addresses are different in the extended LANs
E. Propagate ARP packets across all the broadcast domains of the data center.
Correct Answer: AB

Which statement about the Layer 3 card on the Cisco Nexus 5500 Series Switch is true?
A. BGP support is not provided, but RIP, EIGRP, and OSPF support is provided.
B. Up to two 4-port cards are supported with up to 160 Gb/s of Layer 3 forwarding capability.
C. Up to 16 FEX connections are supported.
D. Port channels cannot be configured as Layer 3 interfaces.
Correct Answer: C
From the Cisco NX-OS 5.1(3)N1(1) release and later releases, each Cisco Nexus 5500 Series device can manage and
support up to 24 FEXs without Layer 3. With Layer 3, the number of FEXs supported per Cisco Nexus 5500 Series
is 8. With Enhanced vPC and a dual-homed FEX topology each FEX is managed by both Cisco Nexus 5000 Series
devices. As a result, one pair of Cisco Nexus 5500 Series devices can support up to 24 FEXs and 16 FEXs for Layer 2
Layer 3.

What is the grace period in a graceful restart situation?
A. how long the supervisor waits for NSF replies
B. how often graceful restart messages are sent after a switchover
C. how long NSF-aware neighbors should wait after a graceful restart has started before tearing down adjacencies
D. how long the NSF-capable switches should wait after detecting that a graceful restart has started, before verifying
that adjacencies are still valid
Correct Answer: C
Graceful restart (GR) refers to the capability of the control plane to delay advertising the absence of a peer (going
through control-plane switchover) for a “grace period,” and thus help minimize disruption during that time (assuming the
standby control plane comes up). GR is based on extensions per routing protocol, which are interoperable across
vendors. The downside of the grace period is huge when the peer completely fails and never comes up, because that
slows down the overall network convergence, which brings us to the final concept: nonstop routing (NSR). NSR is an
internal (vendor-specific) mechanism to extend the awareness of routing to the standby routing plane so that in case of
failover, the newly active routing plane can take charge of the already established sessions.

Which statement about FabricPath and private VLANs is true?
A. FabricPath ports can be put into a private VLAN.
B. All VLANs in the private VLAN must in the same mode.
C. Private VLANs are not supported with FabricPath.
D. FabricPath is the only mode supported for private VLANs.
Correct Answer: B

What can be identified by running the show install all impact kickstart bootflash:n5000-uk9-kickstart.7.0.7.N.1.1.bin
system bootflash:n5000-uk9.7.0.7.N1.1a.bin command?
A. whether the specified kickstart image is compatible with the start-up config
B. whether the specified system image supports the kickstart image
C. whether bootflash is supported for the specified Cisco NX-OS images
D. whether ISSU is supported for the specified Cisco NX-OS images
Correct Answer: D

Which statement accurately describes MP-BGP EVPN?
A. MP-BGP EVPN is a Layer 3 overlay alternative to VXLANs.
B. The control plane of the VXLAN overcomes the flood-and-learn limitations of MP-BGP EVPN.
C. The MP-BGP EVPN control plane overcomes the flood-and-learn limitations of the VXLAN.
D. MP-BGP EVPN is a Layer 2 overlay alternative to VXLANs.
Correct Answer: B

Which statement about the implementation of Cisco TrustSec on Cisco Nexus 7000 Series Switches is true?
A. While SGACL enforcement and SGT propagation are supported on the M and F modules, 802.1AE (MACsec)
support is available only on the M module.
B. SGT Exchange Protocol is required to propagate the SGTs across F modules that lack hardware support for Cisco
C. AAA authentication and authorization is supported using TACACS or RADIUS to a Cisco Secure Access Control
D. Both Cisco TrustSec and 802.1X can be configured on an F or M module interface.
Correct Answer: A
The M -Series modules on the Nexus 7000 support 802.1AE MACSEC on all ports, including the new M2-series
modules. The F2e modules will have this feature enabled in the future. It is important to note that because 802.1AE
a link-level encryption, the two MACSEC-enabled endpoints, Nexus 7000 devices in our case, must be directly L2
This means we direct fiber connection or one facilitated with optical gear is required. MACSEC has integrity checks for
the frames and intermediate devices, like another switch, even at L2, will cause the integrity checks to fail. In most
this means metro-Ethernet services or carrier-provided label switched services will not work for a MACSEC connection.


Which GLBL load-balancing method ensures that a client is always mapped to the same virtual MAC address?
A. host-dependent
B. vmac-weighted
C. dedicated-vmac-mode
D. shortest-path and weighting
Correct Answer: A


Which command specifies a load-balancing method based on the MAC address of a host where the same forwarder is
always used for a particular host while the number of GLBP group members remains unchanged?
A. load-balancing host-dependent
B. load-balancing mac-pinning
C. load-balancing round-robin
D. load-balancing weighted
Correct Answer: A

Which action limits the maximum number of routes that are allowed in the routing table?
A. Use a BGP filter.
B. Use only static routes.
C. Use the maximum routes command inside address family.
D. Use a route map to filter routes.
Correct Answer: C

Which feature does the spanning-tree port type network command enable?
A. TrustSec
B. Bridge Assurance
C. BPDU Guard
D. Rapid PVST+
Correct Answer: B
Network ports are connected only to switches or bridges. Bridge Assurance is enabled only on network ports.

Which two benefits are realized when deploying Cisco Catalyst 6500 VSS 1440 functionality in a data center? (Choose
A. Stateful Switchover across chassis
B. enhanced security of network equipment
C. enhanced speed of spanning-tree convergence
D. reduced number of Inter-Switch Links
E. implementation of Multichassis EtherChannel
F. deployment of VRRP and HSRP
Correct Answer: AE

